Debian 10695 Published by Philipp Esselbach 0

Debian Security Advisories have been released to address security vulnerabilities in several packages. Firefox-esr has been updated to version 140.3.1 to fix connection errors with some sites, while GIMP has been updated to version 3.0.4-3+deb13u1 to prevent denial of service or arbitrary code execution from malformed images. Node-tar-fs has also been updated to versions 2.1.3-0+deb11u2, 2.1.3-0+deb12u2, and 3.0.9+~cs2.0.4-1+deb13u1 to fix a vulnerability in which a crafted tarball could bypass symlink validation when the destination directory is predictable.

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4313-1] node-tar-fs security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6003-2] firefox-esr update
[DSA 6013-1] node-tar-fs security update

Debian GNU/Linux 13 (Trixie):
[DSA 6014-1] gimp security update

Three security advisories have been issued for various Debian packages: Squid, MPlayer, and Ceph. The first advisory, DLA-4312-1 for Debian GNU/Linux 11 (Bullseye) LTS, deals with three security problems in Squid, including issues that could cause the service to crash and a possible heap buffer. The second advisory, ELA-1527-1 for Debian GNU/Linux 9 (Stretch) ELTS, updates the mplayer package to fix several buffer overflows and divide-by-zero errors. Meanwhile, the third advisory, ELA-1526-1 for both Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS, addresses a vulnerability in Ceph that allows an unprivileged user to escalate to root privileges by modifying directory permissions.

[DLA 4312-1] squid security update
ELA-1527-1 mplayer security update
ELA-1526-1 ceph security update

Debian has released security updates for Thunderbird and NNCP to fix multiple vulnerabilities. The Thunderbird update, version 1:140.3.0esr-1deb11u1 for Debian GNU/Linux 11 (Bullseye) LTS, fixes issues that could result in arbitrary code execution, while the NNCP update for both Debian GNU/Linux 12 (Bookworm) and 13 (Trixie) addresses a path traversal vulnerability with its freq and file commands.

[DLA 4311-1] thunderbird security update
[DSA 6012-1] nncp security update

Steven Barrett has released the Liquorix Linux Kernel 6.16-8, a custom kernel designed to optimize desktop, multimedia, and gaming workloads by leveraging the performance capabilities of Linux Kernel 6.16. The kernel includes various upgrades aimed at making the system more responsive, lowering delays, and increasing data handling efficiency with tools like Zen Interactive Tuning technology and better scheduling. Liquorix kernel 6.16-8 also offers additional performance-enhancing features like High Resolution Scheduling, TCP BBR2 Congestion Control, and Compressed Swap to improve data transfer speed and reduce swap storage size.

Debian has issued multiple security advisories for various packages, including Chromium, LibXSLT, PAM, Thunderbird, and Ceph. The Chromium advisory (DSA-6010-1) fixes three vulnerabilities that could lead to arbitrary code execution, denial of service, or information disclosure. The other advisories address five vulnerabilities in the LibXSLT, PAM, Thunderbird, and Ceph packages, which include problems with key length, gaining unauthorized access, and causing service interruptions.

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1525-1 libxslt security update
ELA-1522-1 pam security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4309-1] libxslt security update
[DLA 4310-1] ceph security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6010-1] chromium security update
[DSA 6011-1] thunderbird security update

A Debian Security Advisory (DSA-5979-2) has been issued to correct a regression introduced by an update for the libxslt package. The issue, which affects the deterministic generate-id implementation, was causing generated IDs to be in a non-deterministic order. For the Debian GNU/Linux 12 (Bookworm) and 13 (Trixie) distributions, the problem has been fixed in version 1.1.35-1+deb12u3 and 1.1.35-1.2+deb13u2 respectively.

[DSA 5979-2] libxslt regression update

Multiple security updates have been issued for various Debian packages, including syslog-ng, pam, corosync, and linux. The updates fix security problems like mishandling of wildcard certificates during TLS authentication, denial-of-service attacks using mkfifo, buffer overflows in corosync, and different issues that could let attackers gain higher access or leak information in the Linux kernel. These vulnerabilities could allow attackers to impersonate legitimate endpoints, compromise secure logging, or elevate their privileges to root. It is recommended that users upgrade their packages to the latest versions to address these security concerns.

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1523-1 syslog-ng security update
ELA-1522-1 pam security update
ELA-1524-1 corosync security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4308-1] corosync security update

Debian GNU/Linux 12 (Bookworm):
[DSA 6009-1] linux security update

Debian GNU/Linux 13 (Trixie):
[DSA 6008-1] linux security update

Multiple security advisories have been issued for various Debian GNU/Linux packages, including pam, ffmpeg, jq, and shibboleth-sp. These advisories address vulnerabilities that could be exploited for denial of service, privilege escalation, SQL injection, and heap buffer overflows. The affected packages include pam (CVE-2024-22365 and CVE-2025-6020), ffmpeg (CVE-2025-1594, CVE-2025-7700, and CVE-2025-10256), jq (CVE-2025-48060), and shibboleth-sp (CVE-2025-9943).

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1520-1 jq security update

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1521-1 shibboleth-sp security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4306-1] pam security update
[DLA 4307-1] jq security update

Debian GNU/Linux 13 (Trixie):
[DSA 6007-1] ffmpeg security update

Steven Barrett has announced the release of Liquorix Linux Kernel 6.16-7, a custom kernel designed to optimize desktop, multimedia, and gaming workloads by leveraging the performance capabilities of Linux Kernel 6.16.8. This kernel replacement boasts various enhancements, including Zen Interactive Tuning, scheduling improvements, and additional features such as High Resolution Scheduling and Compressed Swap. Liquorix kernel 6.16-7 supports a wide range of hardware and is designed to be used as a drop-in replacement for standard distribution kernels, with binary builds available for popular Debian-based distributions and Ubuntu. 

Debian 10695 Published by Philipp Esselbach 0

Two security updates are available for OpenVPN, a virtual private network application. The first update (ELA-1519-1) affects Debian GNU/Linux 9 (Stretch) Extended LTS and fixes a vulnerability (CVE-2024-5594) that could result in data injection. The second update (ELA-1518-1) affects Debian GNU/Linux 10 (Buster) Extended LTS and also fixes the CVE-2024-5594 issue, as well as another vulnerability (CVE-2022-0547) that allows authentication bypass. Both updates are available to prevent attackers from injecting unexpected arbitrary data into third-party executables or plug-ins using PUSH_REPLY messages.

ELA-1519-1 openvpn security update
ELA-1518-1 openvpn security update

Debian has issued several security updates for various packages, including Firefox ESR, Chromium, Python-Eventlet, and Jetty. The Firefox ESR update fixes several security problems that could allow arbitrary code execution, sandbox escape, information disclosure, or bypass of same-origin restrictions, and it recommends upgrading to version 140.3.0esr-1. The Chromium update addresses security issues that could result in the execution of arbitrary code, denial of service, or information disclosure and recommends upgrading to version 140.0.7339.185-1deb12u1 for Debian 12 (Bookworm) or version 140.0.7339.185-1deb13u1 for Debian 13 (Trixie). The Jetty updates fix a protocol-level vulnerability in HTTP/2 support referred to as "MadeYouReset" and recommend upgrading to version 12.0.17-3.1deb13u1 or version 9.4.57-1.1~deb12u1 for jetty9.

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1517-1 python-eventlet security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4305-1] firefox-esr security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6004-1] chromium security update
[DSA 6005-1] jetty9 security update

Debian GNU/Linux 13 (Trixie):
[DSA 6006-1] jetty12 security update

A security update has been issued for the cJSON library, which was discovered to have an insufficient input sanitizing vulnerability that could lead to out-of-bounds memory access. The issue affects Debian GNU/Linux 11 (Bullseye) LTS and has been fixed in version 1.7.14-1+deb11u3 of the cjson package. Additionally, a security update has been issued for Mozilla Firefox ESR due to multiple vulnerabilities discovered in versions between 128.x and 140.x that could allow arbitrary code execution or information disclosure. The issue affects both Debian GNU/Linux 12 (Bookworm) and 13 (Trixie) distributions and has been fixed in version 140.3.0esr-1deb12u1 and version 140.3.0esr-1deb13u1, respectively.

[DLA 4304-1] cjson security update
[DSA 6003-1] firefox-esr security update

A security update has been released for the nextcloud-desktop package in Debian GNU/Linux 11 (Bullseye) LTS to fix multiple vulnerabilities. The vulnerabilities include the injection of arbitrary HTML into the desktop client application via notifications, user status, and user information, as well as potential man-in-the-middle attacks and the exposure of sensitive data. Additionally, a malicious server administrator can recover and modify the contents of end-to-end encrypted files.

[SECURITY] [DLA 4303-1] nextcloud-desktop security update

Two security updates have been issued for Debian GNU/Linux 11 (Bullseye) LTS. The first update addresses a potential SQL injection attack in the Django web development framework, which has been fixed in version 2:2.2.28-1~deb11u8. The second update fixes an improper input validation vulnerability in node-sha.js, a popular streamable SHA hashes implementation, which has been addressed in version 2.4.11-2+deb11u1.

[DLA 4301-1] python-django security update
[DLA 4302-1] node-sha.js security update

Steven Barrett has announced the release of Liquorix kernel version 6.16-6, which is built on top of Linux Kernel 6.16.7 and optimized for desktop, multimedia, and gaming workloads. The new kernel features several significant enhancements, including scheduling improvements, CPUFreq settings tweaks, and a faster disk scheduler called Budget Fair Queue. Liquorix kernel 6.16-6 also provides finer timing control, quicker CPU response, and LZ4 compression. Users can install the Liquorix kernel on their Debian, Ubuntu, or Arch-based Linux distribution by running a script available on the Liquorix website.

Debian has released several security advisories, including DLA-4300-1 for Shibboleth Service Provider (shibboleth-sp), which fixes a SQL injection vulnerability; DLA-4299-1 for Jetty 9 (jetty9), which resolves an HTTP/2 vulnerability; and ELA-1516-1 for ImageMagick (imagemagick), which addresses multiple vulnerabilities. The Shibboleth Service Provider advisory recommends upgrading to version 3.2.2+dfsg1-1+deb11u1, while the Jetty 9 advisory suggests updating to version 9.4.57-0+deb11u3. The ImageMagick advisory fixes issues, including memory leaks and format string bugs, in various functions of the software suite. Users are advised to upgrade their packages to address these vulnerabilities and prevent potential security risks.

Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-1516-1 imagemagick security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4300-1] shibboleth-sp security update
[DLA 4299-1] jetty9 security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6001-1] cjson security update

Debian GNU/Linux 10 (Buster) Extended LTS has received two security updates. The imagemagick package has been updated to fix multiple security vulnerabilities, including heap buffer overflows, memory leaks, and format string bugs. The vulnerabilities (CVEs) listed include issues with processing format strings containing consecutive percent signs (%%), memory corruption due to unsafe size calculations, and arbitrary memory region overwrites. These updates address various commands within ImageMagick, such as magick stream, magick mogrify, and montage, which were found to be vulnerable to these security issues. Additionally, the ca-certificates-java package requires an upgrade to resolve a circular dependency between Java packages and system certificates.

ELA-1515-1 imagemagick security update
ELA-1514-1 ca-certificates-java bugfix update

An update has been released for the OpenCV package in Debian GNU/Linux 10 (Buster) Extended LTS to fix multiple vulnerabilities. The vulnerabilities include buffer overflows, out-of-bounds reads and writes, NULL pointer dereferences, and divide-by-zero errors in various functions of the OpenCV library.

ELA-1513-1 opencv security update

Debian has issued several security updates for various packages, including cups, libcpanel-json-xs-perl, libjson-xs-perl, imagemagick, and amanda. The cups package has been updated to fix two vulnerabilities that may result in authentication bypass or denial-of-service attacks, with fixes available for Debian 11 (Bullseye) LTS and older distributions. Other packages have also been updated, including libcpanel-json-xs-perl and libjson-xs-perl to fix integer buffer overflow vulnerabilities, and imagemagick to address multiple memory corruption vulnerabilities. Users are recommended to upgrade their packages to the latest versions to ensure security.

Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-822-2 amanda regression update

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1512-1 cups security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4298-1] cups security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6000-1] libcpanel-json-xs-perl security update
[DSA 5999-1] libjson-xs-perl security update
[DSA 5998-1] cups security update
[DSA 5997-1] imagemagick security update